accumulo-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vi...@apache.org
Subject git commit: ACCUMULO-2713 fixing Michael Allen's patch and adding test
Date Tue, 22 Apr 2014 16:32:07 GMT
Repository: accumulo
Updated Branches:
  refs/heads/1.6.0-SNAPSHOT 5678e5137 -> 6138a80f0


ACCUMULO-2713 fixing Michael Allen's patch and adding test


Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/6138a80f
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/6138a80f
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/6138a80f

Branch: refs/heads/1.6.0-SNAPSHOT
Commit: 6138a80f0b3252abbb1ac65e5c267f5ff7514ff6
Parents: 5678e51
Author: John Vines <vines@apache.org>
Authored: Tue Apr 22 12:30:28 2014 -0400
Committer: John Vines <vines@apache.org>
Committed: Tue Apr 22 12:30:28 2014 -0400

----------------------------------------------------------------------
 .../security/crypto/CryptoModuleFactory.java    |  1 +
 .../accumulo/core/file/rfile/RFileTest.java     | 21 ++++++++++++++++++++
 2 files changed, 22 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/accumulo/blob/6138a80f/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java
b/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java
index 649bfc8..4d04125 100644
--- a/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java
+++ b/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java
@@ -258,6 +258,7 @@ public class CryptoModuleFactory {
     // Get all the options from the configuration
     Map<String,String> cryptoOpts = conf.getAllPropertiesWithPrefix(Property.CRYPTO_PREFIX);
     cryptoOpts.putAll(conf.getAllPropertiesWithPrefix(Property.INSTANCE_PREFIX));
+    cryptoOpts.remove(Property.INSTANCE_SECRET.getKey());
     cryptoOpts.put(Property.CRYPTO_BLOCK_STREAM_SIZE.getKey(), Integer.toString((int) conf.getMemoryInBytes(Property.CRYPTO_BLOCK_STREAM_SIZE)));
 
     return fillParamsObjectFromStringMap(params, cryptoOpts);

http://git-wip-us.apache.org/repos/asf/accumulo/blob/6138a80f/core/src/test/java/org/apache/accumulo/core/file/rfile/RFileTest.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/accumulo/core/file/rfile/RFileTest.java b/core/src/test/java/org/apache/accumulo/core/file/rfile/RFileTest.java
index ccbefb2..767bb3d 100644
--- a/core/src/test/java/org/apache/accumulo/core/file/rfile/RFileTest.java
+++ b/core/src/test/java/org/apache/accumulo/core/file/rfile/RFileTest.java
@@ -40,6 +40,7 @@ import java.util.Set;
 import org.apache.accumulo.core.Constants;
 import org.apache.accumulo.core.conf.AccumuloConfiguration;
 import org.apache.accumulo.core.conf.ConfigurationCopy;
+import org.apache.accumulo.core.conf.Property;
 import org.apache.accumulo.core.data.ArrayByteSequence;
 import org.apache.accumulo.core.data.ByteSequence;
 import org.apache.accumulo.core.data.Key;
@@ -71,6 +72,8 @@ import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.TemporaryFolder;
 
+import com.google.common.primitives.Bytes;
+
 public class RFileTest {
 
   private static final Collection<ByteSequence> EMPTY_COL_FAMS = new ArrayList<ByteSequence>();
@@ -1748,6 +1751,24 @@ public class RFileTest {
   }
 
   @Test
+  public void testCryptoDoesntLeakInstanceSecret() throws IOException {
+    conf = setAndGetAccumuloConfig(CryptoTest.CRYPTO_ON_CONF);
+    // test an empty file
+
+    TestRFile trf = new TestRFile(conf);
+
+    trf.openWriter();
+    trf.closeWriter();
+
+    byte[] rfBytes = trf.baos.toByteArray();
+    
+    // If we get here, we have encrypted bytes
+    byte[] toCheck = Property.INSTANCE_SECRET.getKey().getBytes();
+    assertEquals(-1, Bytes.indexOf(rfBytes, toCheck));
+  }
+
+  
+  @Test
   public void testRootTabletEncryption() throws Exception {
 
     // This tests that the normal set of operations used to populate a root tablet


Mime
View raw message